{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T17:28:22.855","vulnerabilities":[{"cve":{"id":"CVE-2021-36330","sourceIdentifier":"security_alert@emc.com","published":"2021-11-30T21:15:08.167","lastModified":"2024-11-21T06:13:31.883","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate user."},{"lang":"es","value":"Dell EMC Streaming Data Platform versiones anteriores a 1.3, contienen una Vulnerabilidad de Expiración de Sesión Insuficiente. Un atacante remoto no autenticado puede explotar potencialmente esta vulnerabilidad para reusar artefactos de sesión antiguos para hacerse pasar por un usuario legítimo"}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_streaming_data_platform:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3","matchCriteriaId":"D4B36EF2-5B0B-44C2-B4F6-27A43C49241E"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-in/000193697/dsa-2021-205-dell-emc-streaming-data-platform-security-update-for-third-party-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"https://www.dell.com/support/kbdoc/en-in/000193697/dsa-2021-205-dell-emc-streaming-data-platform-security-update-for-third-party-vulnerabilities","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}